Data Sheet

High-Performance Appliances
LogRhythm high-performance appliances combine LogRhythm software with the
appropriate hardware elements to deliver maximum flexibility, with options ranging LogRhythm NextGen SIEM Platform
from convenient all-in-one platforms to high-performance, dedicated appliances
LogRhythm provides deep visibility into
for massive scalability in extremely large environments. LogRhythm’s distributed,
your environment, empowering you to
incrementally scalable architecture enables deployments to scale both horizontally
secure your networks and comply with
and vertically.
regulatory requirements.
Benefits include: LogRhythm delivers the following
• Building block architecture and geographic flexibility functionality on a unified platform:
• Expandable storage options with any sized model
• SIEM and log management on an
• Centralized management
Elasticsearch backend
• Flexible high availability and disaster recovery options
• Network forensics with application
LogRhythm XM ID and full packet capture
All-in-One (XM): LogRhythm XM appliances perform the work of a PM, DP, DX, and • Endpoint forensics and file integrity
AIE, all on a single appliance. Many deployments begin with an XM appliance and are monitoring (FIM)
expanded over time to include additional components to increase fault tolerance,
• Machine-automated security analytics
capacity and performance.
-- User and entity / network traffic /
LogRhythm Enterprise endpoint behavior analysis
Platform Manager (PM): LogRhythm PM appliances perform centralized event -- Statistical analysis, advanced
management and administration for a LogRhythm deployment, including alarming, correlation, and other techniques
case management and APIs, workflow automation and more. Each LogRhythm
• Unstructured and structured search
deployment has a single Platform Manager.
• Intuitive dashboards and visualizations
Data Processor (DP): LogRhythm DP appliances receive machine and forensic data
from Data Collectors and System Monitor agents and then perform distributed • Integrated case management
processing. DPs use our Machine Data Intelligence Fabric to transform data into a • SmartResponse™ automation platform
structured and contextualized form. Processors archive data and distribute both
original and structured copies to platform components that perform indexing,
machine-based security analytics, and alarming.
Data Indexer (DX): LogRhythm DX appliances perform distributed and highly scalable “ I t has been extremely easy
indexing of machine and forensic data. Multiple DXs can be clustered to improve for us to not only implement
performance and availability. Indexers store original raw data as well as structured LogRhythm, but also extend
data to enable structured and unstructured search-based analytics. LogRhythm to be a solution
for a number of other
Warm Node Data Indexer (DXW): The Warm Node appliance is an Elasticsearch
monitoring challenges.”
node with a closed index. It extends Time-to-Live (TTL) to over 365 days and is
a powerful and cost effective alternative to adding Data Indexers when seeking IT Professional, Large Retail Firm
additional storage.
AI Engine (AIE): LogRhythm AIE appliances deliver highly scalable, patented machine
analytics for advanced correlation and behavioral analysis, including automated
behavioral, histogram, statistical and whitelist profiling. AI Engine scales horizontally
to perform distributed analysis of massive workloads.
Disaster Recovery and High
Add-on Appliances Availability Options
Data Collector (DC): LogRhythm’s optional DC appliances collect log, flow, and
LogRhythm’s flexible Disaster Recovery and
machine data. They encrypt, compress and transport data from remote locations to
High Availability solutions can be tailored
LogRhythm DPs, either in real time or on a schedule.
to meet the specific requirements of your
NetMon (NM): LogRhythm NM appliances offer full visibility into network traffic, organization. LogRhythm appliances are built
identifying applications via deep packet inspection, and providing real-time with onboard redundancy for maximum fault-
unstructured search access to all metadata and packet captures. NetMon can also tolerance, and our active/active architectures
forward Layer 7 SmartFlow™ to the SIEM and third-party solutions for further analysis. maximize the return on your investment.

WWW.LOGRHYTHM.COM
Appliance Specifications
Max Processing Chassis Memory (Ex- Internal Storage Max Storage Height Width Length Weight
Model Series CPU Cores Ethernet Power
Rate Rack Units pandable) (Usable/Raw) (Usable/Raw) (in / cm) (in / cm) (in / cm) (lb / kg)

Intel x540 DP (2 x 10Gb) 10GBASE-T

XM4500 2,000 MPS 1U 10 96 (384) GB 2.8 TB/4.88 TB 123 TB/149 TB 100-240 VAC 1.68 / 4.28 18.98 / 48.24 28.42 / 72.19 48.28 / 21.9
Intel I350 DP (2 x 1Gb)
XM
ALL-IN-ONE Intel x540 DP (2 x 10Gb) 10GBASE-T
XM6500 5,000 MPS 2U 20 192 (768) GB 14 TB/18.24 TB 135 TB/162 TB 100-240 VAC 3.44 / 8.73 18.99 / 48.24 29.75 / 75.60 57.98 / 26.3
(Includes PM, DP, DX, Intel I350 DP (2 x 1Gb)
AIE)
Intel x540 DP (2 x 10Gb) 10GBASE-T
XM8500 10,000 MPS 2U 24 256 (768) GB 25.4 TB/30.88 TB 147 TB/174 TB 100-240 VAC 3.44 / 8.73 18.98 / 48.24 29.76 / 75.6 62 / 28.1
Intel I350 DP (2 x 1Gb)

Intel x540 DP (2 x 10Gb) 10GBASE-T

PM5500 N/A 1U 10 128 (384) GB 2.8 TB/6.24 TB 13 TB/27 TB 100-240 VAC 1.68 / 4.28 18.99 48.24 28.42 / 72.19 48.28 / 21.9
PM Intel I350 DP (2 x 1Gb)
Platform Manager Intel x540 DP (2 x 10Gb) 10GBASE-T
PM7500 N/A 2U 24 128 (768) GB 10.3 TB/22.28 TB 21 TB/43 TB 100-240 VAC 3.44 / 8.73 18.99 48.24 29.76 / 75.6 62 / 28.1
Intel I350 DP (2 x 1Gb)

Intel x540 DP (2 x 10Gb) 10GBASE-T

DP5500 15,000 MPS 1U 12 64 (384) GB 4.8 TB/10.48 TB 125 TB/154 TB 100-240 VAC 1.68 / 4.28 18.98 / 48.24 28.42 / 72.19 48.28 / 21.9
DP Intel I350 DP (2 x 1Gb)
Data Processor Intel x540 DP (2 x 10Gb) 10GBASE-T
DP7500 40,000 MPS 1U 24 128 (768) GB 13.2 TB/20.48 TB 134 TB/164 TB 100-240 VAC 1.68 / 4.28 18.98 / 48.24 28.42 / 72.19 48.28 / 21.9
Intel I350 DP (2 x 1Gb)

Intel x540 DP (2 x 10Gb) 10GBASE-T

DX3500 5,000 MPS 1U 12 64 (384) GB 6.9 TB/10.08 TB N/A 100-240 VAC 1.68 / 4.28 18.98 / 48.24 28.42 / 72.19 48.28 / 21.9
Intel I350 DP (2 x 1Gb)

DX Intel x540 DP (2 x 10Gb) 10GBASE-T

DX5500 10,000 MPS 2U 14 128 (384) GB 15.8 TB/19.68 TB N/A 100-240 VAC 3.44 / 8.73 18.98 / 48.24 29.75 / 75.6 57.98 / 26.3
Data Indexer Intel I350 DP (2 x 1Gb)

Intel X550 DP (2 x 10Gb) 10GBASE-T

DX7500 20,000 MPS 2U 28 256 (768) GB 40.3 TB/46.80 TB N/A 100-240 VAC 3.42 / 8.73 18.98 / 48.24 29.76 / 75.6 62 / 28.1
Intel I350 DP (2 x 1Gb)

DXW Intel x550 DP (2 x 10Gb) 10GBASE-T

DXW5120 N/A 2U 10 / 20 128 (768) GB 110 TB/130 TB N/A 100-240 VAC 3.42 / 8.73 18.98 / 48.24 29.76 / 75.6 62 / 26.3
Data Indexer Warm Node Intel I350 DP (2 x 1Gb)

AIE Intel x540 DP (2 x 10Gb) 10GBASE-T

AIE7500 75,000 MPS 1U 24 128 (768) GB 2.1 TB/4.48 TB N/A 100-240 VAC 1.68 / 4.28 18.98 / 48.24 28.42 / 72.19 48.28 / 21.9
AI Engine Intel I350 DP (2 x 1Gb)”

DC
DC3400 N/A 1U 4 16 (64) GB 278 GB/600 GB N/A Broadcom 5720 DP (2 x 1Gb) 100-240 VAC 1.68 / 4.28 18.99 / 48.24 26.65 / 67.69 30.42 / 13.8
Data Collector

Intel x540 DP (2 x 10Gb) 10GBASE-T

NM3500 1 Gbps 1U 12 128 (384) GB 3.6 TB/5.28 TB 30 TB/34 TB 100-240 VAC 1.68 / 4.28 18.98 / 48.24 28.42 / 72.19 48.28 / 21.9
NM Intel I350 DP (2 x 1Gb)
NetMon Intel x540 DP (2 x 10Gb) 10GBASE-T
NM5500 5 Gbps 2U 28 128 (768) GB 12.5TB/14.88 TB 40 TB/44 TB 100-240 VAC 3.44 / 8.73 18.98 / 48.24 29.76 / 75.6 62 / 28.1
Intel I350 DP (2 x 1Gb)

WS
WS3400 N/A 1U 8 32 (384) GB 556 GB/1200 GB N/A Broadcom 5720 QP (4 x 1Gb) 100-240 VAC 1.68 / 4.28 18.98 / 48.24 27.57 / 70.05 40.96 / 18.6
Web Server

Direct Attached Storage

Height Width Length Weight
Model Number Hard Drives Usable Storage Total Storage Power Chassis Rack Units
(in / cm) (in / cm) (in / cm) (lb / kg)
12 x 12TB 7200 RPM
Near-Line SAS 12Gbps
SAAR5120 120 TB 144 TB 100-240 VAC 2U 3.39 / 8.7 18.8 / 48.2 29.1 / 54.1 53.35 / 24.2
3.5 in. Hot Plug Hard Drives
RAID 5
24 x 1.2 TB 10k RPM
Serial-Attached SCSI 12Gbps
SANM5026 26.4 TB 28.8 TB 100-240 VAC 2U 3.39 / 8.7 18.8 / 48.2 29.1 / 54.1 53.35 / 24.2
2.5 in. Hot Plug Hard Drives
RAID 5
24 x 900GB 15k RPM
Serial-Attached SCSI 12Gbps
SAPM5020 19.8 TB 21.6 TB 100-240 VAC 2U 3.39 / 8.7 18.8 / 48.2 29.1 / 54.1 53.35 / 24.2
2.5 in. Hot Plug Hard Drives
RAID 5

WWW.LOGRHYTHM.COM ©2019 LogRhythm Inc. | DS649_Jan19